Multi-Tenant Isolation

ATHENA provides complete data isolation between customers using PostgreSQL Row-Level Security (RLS).

How It Works

Every customer-scoped database table carries a customer_id column, and an RLS policy on each table restricts rows to the customer of the current session:

-- Example: Decision table RLS policy
-- A policy is not applied until RLS is enabled on the table
ALTER TABLE decisions ENABLE ROW LEVEL SECURITY;
CREATE POLICY customer_isolation ON decisions
  USING (customer_id = current_setting('app.customer_id')::uuid);

Enforcement Levels

Level         Mechanism         Bypass Possible?
Database      PostgreSQL RLS    No (for the application role)
Application   Query filters     No (redundant with RLS; defence in depth)
API           Authentication    No

RLS is enforced by PostgreSQL itself, independently of application code. PostgreSQL does exempt superusers, roles with the BYPASSRLS attribute and, unless FORCE ROW LEVEL SECURITY is set on the table, the table owner, so the application must not connect as any of these.

Validation

  • 100% test coverage for customer isolation

  • 390M+ records processed with no cross-customer leaks

  • Automated testing in CI/CD pipeline

How Requests Are Isolated

Example

Two customers query the same endpoint. The policy above compares each row's customer_id with the session's app.customer_id, so the same query returns a different row set for each customer:

Customer A: returns only Customer A's decisions.

Customer B: returns only Customer B's decisions.

Same database. Complete isolation.

What's Isolated

Data Type     Isolated?   Mechanism
Decisions     Yes         RLS
Audit trail   Yes         RLS
API keys      Yes         RLS
Webhooks      Yes         RLS
Users         Yes         RLS
Settings      Yes         RLS
Exports       Yes         RLS

Shared Resources

Some resources are intentionally shared:

Resource               Shared?             Reason
Intelligence engines   Yes                 Algorithms, not data
Export templates       Yes                 Standard formats
Rate limit counters    No (per-customer)   Fair usage

Testing Isolation

We continuously test isolation:
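The following is an added example, not ATHENA's schema or its test suite: a minimal reproduction of the policy shown under "How It Works", followed by the two-customer check described under "How Requests Are Isolated" and the checks an isolation test should make (a cross-tenant write is rejected, and a session that never set its tenant sees no rows at all). The table columns, the role name athena_app, the customer UUIDs, and the use of NULLIF(current_setting(..., true), '') and FORCE ROW LEVEL SECURITY are assumptions of this example.

```sql
-- Added example (not ATHENA's own schema or tests). Run with psql as a
-- superuser in a scratch database. Table layout, role name and UUIDs are
-- assumptions for illustration.

CREATE TABLE decisions (
  id          bigserial PRIMARY KEY,
  customer_id uuid NOT NULL,
  outcome     text NOT NULL
);

-- A policy has no effect until RLS is enabled. FORCE applies it to the
-- table owner as well; superusers and BYPASSRLS roles remain exempt.
ALTER TABLE decisions ENABLE ROW LEVEL SECURITY;
ALTER TABLE decisions FORCE ROW LEVEL SECURITY;

-- current_setting(name, true) returns NULL when the setting was never
-- defined and '' once a placeholder exists but is unset; NULLIF folds both
-- to NULL, and NULL = uuid is never true, so a session that forgot to set
-- its tenant fails closed: it can neither read nor write any row.
CREATE POLICY customer_isolation ON decisions
  USING      (customer_id = NULLIF(current_setting('app.customer_id', true), '')::uuid)
  WITH CHECK (customer_id = NULLIF(current_setting('app.customer_id', true), '')::uuid);

-- The application role: not a superuser, no BYPASSRLS, not the table owner.
CREATE ROLE athena_app LOGIN NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON decisions TO athena_app;
GRANT USAGE, SELECT ON SEQUENCE decisions_id_seq TO athena_app;

-- Seed rows for two customers (as superuser, so RLS is bypassed here).
INSERT INTO decisions (customer_id, outcome) VALUES
  ('11111111-1111-1111-1111-111111111111', 'approve'),
  ('11111111-1111-1111-1111-111111111111', 'review'),
  ('22222222-2222-2222-2222-222222222222', 'decline');

-- Customer A's request: the tenant is set for this transaction only.
SET ROLE athena_app;
BEGIN;
SET LOCAL app.customer_id = '11111111-1111-1111-1111-111111111111';
SELECT outcome FROM decisions ORDER BY id;
-- A write tagged with another tenant's id is rejected by WITH CHECK.
INSERT INTO decisions (customer_id, outcome)
  VALUES ('22222222-2222-2222-2222-222222222222', 'approve');
ROLLBACK;

-- Customer B's request: same table, same query, different row set.
BEGIN;
SET LOCAL app.customer_id = '22222222-2222-2222-2222-222222222222';
SELECT outcome FROM decisions ORDER BY id;
COMMIT;

-- A request that never set app.customer_id sees nothing, not everything.
BEGIN;
SELECT count(*) FROM decisions;
COMMIT;
RESET ROLE;
```

Customer A's SELECT returns the two rows "approve" and "review", the cross-tenant INSERT fails with a row-level security policy violation for table "decisions", Customer B's SELECT returns only "decline", and the final count is 0. An automated isolation test asserts exactly these four outcomes; asserting only the two SELECTs would miss a policy that lacks WITH CHECK or that returns every row when the tenant setting is absent.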

Security Guarantees

  1. No cross-customer queries — Rows belonging to other customers are filtered out by the database itself, not by application code

  2. No data leakage — RLS prevents accidental exposure

  3. No privilege escalation — Each API key is scoped to a single customer

  4. Audit trail — All access is logged per customer
